Project

General

Profile

Bug #8616

When reconfiguring a captiveportal, connected users get disconnected and can't login back

Added by A FL over 1 year ago. Updated about 1 month ago.

Status:
Resolved
Priority:
Normal
Category:
Captive Portal
Target version:
Start date:
07/03/2018
Due date:
% Done:

100%

Estimated time:
Affected Version:
All
Affected Architecture:
All

Description

Hello,

I noticed a weird behaviour with captiveportal when reconfiguring a CP while active users are connected : When administrator saves settings, ipfw rules are automatically flushed.

This is a big problem when editing captive portal settings while some users are connected : user are technically disconnected and are redirected to the login page (because ipfw rules are flushed), but they are still considered as connected and are unable to log-in again (because they are still present in the sqlite database).

This happen because when settings are saved, captiveportal rules are re-appplied unconditionally to the network interface.

One easy/dirty workaround would be to flush sqlite3 database when re-applying ipfw rules (meaning users get will get disconnected, but will be able to login again).

One (maybe better) fix would be to apply ipfw rules only if necessary (eg, when changing the captive portal’s network interface or some key settings) and to connect-back users after applying rules.

History

#1 Updated by A FL over 1 year ago

Issue mentionned here : https://forum.netgate.com/topic/137824/pfsense-no-internet-when-it-is-said-you-are-connected/13

This issue also happens when updating settings on the MAC page(eg, adding a MAC address as bypass...)

Also, maybe captiveportal should use make_subsystem_dirty when reloading rules ? See #1924

#2 Updated by A FL 10 months ago

Pull Request : https://github.com/pfsense/pfsense/pull/4031

Netgate choosed to fix this issue in another way. new pull request : https://github.com/pfsense/pfsense/pull/4042

#3 Updated by Jim Pingle about 1 month ago

  • Status changed from New to Pull Request Review
  • Target version set to 2.5.0

#4 Updated by Renato Botelho about 1 month ago

  • Status changed from Pull Request Review to Feedback
  • Assignee set to Renato Botelho
  • Priority changed from High to Normal
  • % Done changed from 0 to 100

PR has been merged. Thanks!

#5 Updated by A FL about 1 month ago

I just tested, the PR is working well. Users are not disconnected anymore when updating captive portal.

This issue can be marked as resolved

#6 Updated by Renato Botelho about 1 month ago

  • Status changed from Feedback to Resolved

Also available in: Atom PDF